Symantec Endpoint Protection client fixes
TMP folders in virus definitions folder eventually consume all available drive space
Fix ID: 1177176
Symptom: Symantec Endpoint Protection clients create tmp folders in the C:\Program Files\Common Files\Symantec Shared\VirusDefs folder. When new definitions arrive, the problem stops, but starts again at random times on some computers. TMP folders are created in 5 and 10 minute intervals, eventually consuming all available space on the drive.
Solution: LiveUpdate code modified to clean up temporary folders and registry values in the case of failures during the update process.
Symantec Endpoint Protection Outlook Plug-in breaks all Outlook attachments
Fix ID: 1190655
Symptom: Whether the Outlook Plug-in is turned off or on, all Outlook attachments are broken when opened from a computer with Symantec Endpoint Protection client installed.
Solution: Ensured that Outlook attachments can be opened on Symantec Endpoint Protection Clients with Outlook Plug-in installed.
Symantec Endpoint Protection client scans do not scan any or all files
Fix ID: 1200900
Symptom: Attempts to run a full scan results in Symantec Endpoint Protection client scanning only approximately 1,000 files. Attempts to run a scan with "scan enhancements" unchecked results in 0 files scanned.
Solution: Updated the Common Client component that resolves the inconsistent scanning problem.
Windows blue screen error
Fix ID: 1159668
Symptom: Windows computer with Symantec Endpoint Protection 11.0 client installed encounters blue screen with an "Unexpected_Kernel_Mode_Trap (7f)."
Solution: Code fixed to address driver problems.
64-Bit Windows 2003 Server blue screen error
Fix ID: 1169684
Symptom: Computer encouters blue screen with reference to cceraser.dll.
Solution: Fixed problem with new release of Symantec Eraser engine.
Symantec Endpoint Protection client maintains accelerated heartbeat for too long
Fix ID: 1204176
Symptom: When the Symantec Endpoint Protection client is in pull mode, and enters an accelerated heartbeat (polls server every minute) due to content pending download, the client does not exit out of the accelerated heartbeat fast enough after the content is downloaded.
Solution: Accelerated heartbeat exit criteria has been modified to the following: client falls back to normal heartbeat interval once Symantec Endpoint Protection Manager delivers the pending LiveUpdate content/Client Package OR if the time elapsed in accelerated mode is twice the push/pull mode interval.
Symantec Endpoint Protection client migration problems
Fix ID: 1211603
Symptom: On Symantec Endpoint Protection client, migration from Symantec Endpoint Protection 11.0 RTM to later MR hangs. User is prompted several times to upgrade, selects OK, and then client stops responding.
Solution: Modified installation package to handle necessary Windows files appropriately, and updated LiveUpdate catalog.
Update Schedule for Symantec Endpoint Protection client is not updated
Fix ID: 1195527
Symptom: Once a Symantec Endpoint Protection client gets an update schedule from the Symantec Endpoint Protection Manager, it will keep the update schedule even if the server changes it. For example, if the server is configured to have all clients update within 10 days and the client picks a schedule for 8 days from now, the client will keep the 8 day schedule even if you change the server to have clients update immediately before the 8 days elapse.
Solution: New Update schedule from server now supersedes previous update schedule already on the Symantec Endpoint Protection client.
Installing Application Control without Proactive Threat Scan blocks nothing
Fix ID: 1194067
Symptom: Functionality of Application Control is non-existent without Proactive Threat Scan.
Solution: Removed Application Control's dependency on Proactive Threat Scan so that it can function independently.
With Sysplan enabled, SMC.exe crashes after Windows login
Fix ID: 1200628
Symptom: The following errors occur: "sms.exe – Application Error : The instruction at "0x6f029b8f" referenced memory at "0x038d0000." The memory could not be read." "Rundll32.exe – Application Error : The application failed to initialize properly (0xc0000005). Click on OK to terminate the application." "Explorer.exe – Application Error window The application failed to initialize properly (0xc0000005). Click OK to terminate the application."
Solution: Fixed algorithm that relates to regular expression matching and corrected errors that missed some judgment conditions, resulting in SMC.exe not crashing with these error messages.
Symantec Endpoint Protection client GUI crashes when importing rules to an unmanaged Symantec Endpoint Protection client
Fix ID: 1178530
Symptom: After modifying rules, encrypting rules, and then importing rules back to unmanaged Symantec Endpoint Protection client using command line "smc.exe –importadvrule c:\newrules.sar," client GUI crashes.
Solution: Modified XML parser so that edits made to policy in this manner do not crash the Symantec Endpoint Protection client. Specifically, how it handles the existence or non-existence of Byte Order Marks (BOMs) in the XML files.
Migration from SPA 5.1 to Symantec Endpoint Protection 11.0 causes firewall to fail to load
Fix ID: 1226009
Symptom: After migrating from SPA 5.1 to Symantec Endpoint Protection 11.0 client, no MSI errors are indicated. Upon restart, firewall service fails to load with error "Failed to start the firewall application. Error code returned: 0x80070102." Symantec Management client service also fails to load at startup and cannot be started.
Solution: Correct file is being copied over during migration that prevents the problems from occurring. SPA 5.1 now successfully migrates to Symantec Endpoint Protection 11.0.2 without the errors listed above.
Failed migration from 10.1 MR7 to 11.0 MR1 on French Operating Systems
Fix ID: 1195284
Symptom: Migration fails from 10.1 MR7 to 11.0 MR1 on French operating systems with the following error: "cba.dll is missing." Also appears that for specific common files, newer versions exist in 10.1 MR7 than in 11.0 MR1, thereby causing the failed migration.
Solution: To avoid this scenario, ensure components should not replace newer component files with older versions when the MSI product version moves forward.
System crashes when application/device control is installed
Fix ID: 1209194
Symptom: Customer has Papyrus software installed on same computer as Symantec Endpoint Protection client with application/device control installed. The computer crashes.
Solution: Application/device control views dlls based on the last few characters (tail) of their name. Some dlls have the same last few characters and can cause problems with Symantec Endpoint Protection accessing invalid memory areas. Fix applied to ensure application/device control to compare the full file name of dlls.
Symantec Endpoint Protection client does not scan files with certain special characters
Fix ID: 1213701
Symptom: Files with special characters are not scanned.
Solution: Changed code to include scanning of special characters.
Legacy scheduled scans run on client after migration to Symantec Endpoint Protection, but cannot be viewed or modified from the Symantec Endpoint Protection Manager
Fix ID: 1220783
Symptom: After migrating a Symantec AntiVirus 9.x or 10.x client to Symantec Endpoint Protection, scheduled scans previously configured for the Symantec AntiVirus clients run on the newly-migrated Symantec Endpoint Protection client. An administrator cannot see these legacy scans in the Symantec Endpoint Protection Manager and cannot configure the scans. Legacy scans are stored in the registry and not removed (or correctly migrated) for the Symantec Endpoint Protection client.
Solution: Legacy scheduled scans defined by the administrator are now migrated. When legacy clients are migrated to Symantec Endpoint Protection, they find their legacy scheduled scans, and these scans are visible and configurable from the Symantec Endpoint Protection Manager.
Current date of Proactive Threat Protection definitions is not displayed on the Symantec Endpoint Protection client
Fix ID: 1218123
Symptom: From the Symantec Endpoint Protection client user interface, the Proactive Threat Protection definition date is not displayed. They are displayed only after an initial process is scanned.
Solution: Display correct Proactive Threat Protection definitions date at all times, including before Proactive Threat Protection scans any processes.
Application Device Control Exclusions
Fix ID: 1167148
Symptom: Adding "Devices excluded from blocking" for human interface devices after already blocking USB does not work.
Solution: Implemented new device control USB additions that addressed policy discrepancies for Application Device Control exclusions.
Tray icon crashes when user logs in to computer
Fix ID: 1216558
Symptom: A scheduled scan runs when the user is logged off computer. The scheduled scan detects an infected file. After the user logs on to the computer, the Symantec tray icon (smcgui.exe) crashes.
Solution: Changed code to handle this scenario. Symantec Endpoint Protection client creates virus notification later in the log on process to avoid the crash.
Host Integrity firewall rule does not detect Norton Internet Security 2008
Fix ID: 1196203
Symptom: Host Integrity check for Norton Internet Security 2008 fails, stating that the system is not running a firewall.
Solution: Host Integrity check now recognizes NIS 2008 as a firewall.
Symantec Endpoint Protection client configuration information is not stored correctly
Fix ID: 1192670
Symptom: After applying new feature set to Symantec Endpoint Protection client, registry backups are replaced with path to SysRasMan.dll instead of rastls.dll.
Solution: This problem is caused by the installer continually overwriting the backup registry keys. Installer now detects this behavior and circumvents it from occurring. Installer also detects a migration from a broken system and repairs/resets registry keys back to defaults.
Checkpoint VPN software breaks Symantec Endpoint Protection Manager/client communication
Fix ID: 1200105
Symptom: Regardless of order of installation, Symantec Endpoint Protection client communication is disrupted when Checkpoint VPN software is installed on the client. After all necessary reboots, Symantec Endpoint Protection gold shield loses the green dot. It sometimes stays up for a minute or two at startup, but disappears shortly. Restarting the SMC service allows it to communicate again, but only for a heartbeat or two.
Solution: Modified code that makes Checkpoint VPN compatible with Symantec Endpoint Protection client.
After installing Symantec Endpoint Protection client to computer that has Cisco VPN/Checkpoint (True Vector Driver), computer cannot connect to VPN Server
Fix ID: 1177043
Symptom: Uninstalling Symantec Endpoint Protection client does not resolve the problem. Customer must reinstall Cisco VPN and True Vector. Receives error in the Application Event Logs: "TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it."
Solution: Removed legacy code that is not necessary for Symantec Endpoint Protection client to address communication problem and associated error.
Cisco's stateful firewall does not start with Symantec Endpoint Protection client (Antivirus/Antispyware only) installed
Fix ID: 1197749
Symptom: Cisco stateful firewall does not start since Cisco believes that the Symantec Endpoint Protection firewall component is installed as well. Cisco detects Fwsvpn.dll and prevents Cisco VPN Client Stateful firewall from loading. This then leads to a Cisco policy violation when the client attempts to establish a VPN connection without the VPN Client Firewall enabled.
Solution: Removed Fwsvpn.dll from installed files, and therefore problem with Cisco Stateful firewall not starting no longer exists. Symantec firewall team deemed removal of Fwsvpn.dll to be safe as it is no longer needed to address a specific problem with Symantec and Zone Alarm.
Some Third-Party applications fail to load when Symantec Endpoint Protection client is installed
Fix ID: 1209639 / 1180417
Symptom: After installing Symantec Endpoint Protection client with default settings, some third party applications fail to load. Default setting under Communications Settings for Global > Upload >Upload a list of applications that the clients have run" is checked. When Symantec Endpoint Protection performs its check, it touches the license file of third party application and causes it to fail to load.
Solution: Default setting of "Upload a list of applications that the clients have run" is not checked by default so that this problem does not occur. This default setting is only for newly installed Symantec Endpoint Protection management servers and clients. If users migrate from previous versions, the setting of the previous version will also be migrated.
Symantec Endpoint Protection client does not correctly exclude Windows mount points
Fix ID: 1165797
Symptom: After creating a mount point and then excluding it in the Symantec Endpoint Protection client, performing a scan on the mount point will result in detecting infected files when they should actually be excluded.
Solution: Fixed API that addresses this problem. Note: This fix is not available for Windows 2000.
Proactive Threat Protection displays incorrect status on Symantec Endpoint Protection client
Fix ID: 1162794
Symptom: From Symantec Endpoint Protection client, under Proactive Threat Protection, it displays "Waiting for Updates," even though no updates are expected.
Solution: Status of Proactive Threat Protection displays correctly in the user interface.
Proactive Threat Scan errors after Symantec Endpoint Protection client service starts
Fix ID: 1189167, 1207606
Symptom: After about 1 hour of the Symantec Endpoint Protection service starting up (this is the default proactive threat scan frequency), Proactive Threat Scan triggers the following errors (9, 11, and 14).
Solution: Added a new registry key that indicates whether Proactive Threat Scan is installed so that scans are only attempted when Proactive Threat Scan is available.
Symantec Client Firewall migration tool does not run when an older version of Java is installed
Fix ID: 1196059
Symptom: Symantec Client Firewall migration tool does not run on a computer with an older version of Java installed.
Solution: Checks implemented into Symantec Client Firewall migration tool to expect either of the following two conditions to be fulfilled: The JRE path for the public Java install is updated in the PATH environment variable and is either version 1.5 or greater OR the tool runs from the Symantec Endpoint Protection Manager bin directory.
No notification of location change
Fix ID: 1191379
Symptom: After configuring locations from Symantec Endpoint Protection Manager and defining a message, Symantec Endpoint Protection client does not receive a notification stating that the client's location changed.
Solution: Symantec Endpoint Protection client is notified when location has changed.
Unmanaged Symantec Endpoint Protection client should not have option to Update Policy
Fix ID: 1184273
Symptom: After installing an unmanaged client package on a client computer, and then right-clicking on the Symantec Endpoint Protection tray icon, user can click on the Update Policy setting and receive the following message "Requesting Update Policy from the Symantec Endpoint Protection Manager." This is misleading as the client is not attached to Symantec Endpoint Protection Manager.
Solution: Whether installed from the CD or unmanaged client package, an unmanaged Symantec Endpoint Protection client does not have the option to "Update Policy" by right-clicking the Symantec Endpoint Protection icon in the system tray.
Active Response is triggered even when the IDS signature is set to allow
Fix ID: 1180686
Symptom: When Active Response is checked within an IDS rule, Active Response is triggered regardless of severity or whether the traffic is allowed or blocked.
Solution: Active Response module modified to monitor both severity and action. If the action is allowed, Active Response is not triggered. Active Response is triggered for blocked traffic. If the action severity is "Info" or "Normal," Active Response is not triggered. Active Response is triggered for "Critical," "Major," and "Minor."
Tray Icon color is grey on Windows 2000 Computers
Fix ID: 1184772
Symptom: After installing Symantec Endpoint Protection client to a Windows 2000 computer, the Symantec system tray icon is grey, rather than in color.
Solution: Tray icon is now in gold color on Windows 2000 computers
German Symantec Endpoint Protection client user interface displays default retention time for logs as 14 years
Fix ID: 1185711
Symptom: Symantec Endpoint Protection client incorrectly shows that default retention time for logs is 14 years, when in reality it is 14 days.
Solution: Fixed German translation problem so that Symantec Endpoint Protection displays the correct time.
DBCS characters in Symantec Endpoint Protection client Security Logs do not display correctly
Fix ID: 1187968
Symptom: DBCS characters appear as garbage characters after upgrading Firefox internet browser in the Symantec Endpoint Protection client security log.
Solution: Characters appear correctly in the log.
Untranslated strings
Fix ID: 1127029
Symptom: Untranslated strings exist in Host Integrity alerts on Symantec Endpoint Protection client and Quarantine client location name in Symantec Endpoint Protection Manager.
Solution: Translated strings for Host Integrity alerts. |
发表于 2008-4-14 10:50:58
楼主
楼主最好能大体翻一下,那就更完美了